/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- *//* vim: set ts=8 sts=2 et sw=2 tw=80: *//* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */#include"mozilla/LoadInfo.h"#include"mozilla/Assertions.h"#include"mozilla/dom/ClientIPCTypes.h"#include"mozilla/dom/ClientSource.h"#include"mozilla/dom/PerformanceStorage.h"#include"mozilla/dom/BrowserChild.h"#include"mozilla/dom/ToJSValue.h"#include"mozilla/dom/BrowsingContext.h"#include"mozilla/net/CookieSettings.h"#include"mozilla/NullPrincipal.h"#include"mozilla/StaticPrefs.h"#include"mozIThirdPartyUtil.h"#include"nsFrameLoader.h"#include"nsFrameLoaderOwner.h"#include"nsIContentSecurityPolicy.h"#include"nsIDocShell.h"#include"mozilla/dom/Document.h"#include"nsCookiePermission.h"#include"nsICookieService.h"#include"nsIInterfaceRequestorUtils.h"#include"nsISupportsImpl.h"#include"nsISupportsUtils.h"#include"nsIXPConnect.h"#include"nsContentUtils.h"#include"nsDocShell.h"#include"nsGlobalWindow.h"#include"nsMixedContentBlocker.h"#include"nsQueryObject.h"#include"nsRedirectHistoryEntry.h"#include"nsSandboxFlags.h"#include"LoadInfo.h"usingnamespacemozilla::dom;namespacemozilla{namespacenet{staticuint64_tFindTopOuterWindowID(nsPIDOMWindowOuter*aOuter){nsCOMPtr<nsPIDOMWindowOuter>outer=aOuter;while(nsCOMPtr<nsPIDOMWindowOuter>parent=outer->GetScriptableParentOrNull()){outer=parent;}returnouter->WindowID();}LoadInfo::LoadInfo(nsIPrincipal*aLoadingPrincipal,nsIPrincipal*aTriggeringPrincipal,nsINode*aLoadingContext,nsSecurityFlagsaSecurityFlags,nsContentPolicyTypeaContentPolicyType,constMaybe<mozilla::dom::ClientInfo>&aLoadingClientInfo,constMaybe<mozilla::dom::ServiceWorkerDescriptor>&aController):mLoadingPrincipal(aLoadingContext?aLoadingContext->NodePrincipal():aLoadingPrincipal),mTriggeringPrincipal(aTriggeringPrincipal?aTriggeringPrincipal:mLoadingPrincipal.get()),mPrincipalToInherit(nullptr),mClientInfo(aLoadingClientInfo),mController(aController),mLoadingContext(do_GetWeakReference(aLoadingContext)),mContextForTopLevelLoad(nullptr),mSecurityFlags(aSecurityFlags),mInternalContentPolicyType(aContentPolicyType),mTainting(LoadTainting::Basic),mUpgradeInsecureRequests(false),mBrowserUpgradeInsecureRequests(false),mBrowserWouldUpgradeInsecureRequests(false),mForceAllowDataURI(false),mAllowInsecureRedirectToDataURI(false),mSkipContentPolicyCheckForWebRequest(false),mOriginalFrameSrcLoad(false),mForceInheritPrincipalDropped(false),mInnerWindowID(0),mOuterWindowID(0),mParentOuterWindowID(0),mTopOuterWindowID(0),mFrameOuterWindowID(0),mBrowsingContextID(0),mFrameBrowsingContextID(0),mInitialSecurityCheckDone(false),mIsThirdPartyContext(false),mIsDocshellReload(false),mSendCSPViolationEvents(true),mRequestBlockingReason(BLOCKING_REASON_NONE),mForcePreflight(false),mIsPreflight(false),mLoadTriggeredFromExternal(false),mServiceWorkerTaintingSynthesized(false),mDocumentHasUserInteracted(false),mDocumentHasLoaded(false),mIsFromProcessingFrameAttributes(false){MOZ_ASSERT(mLoadingPrincipal);MOZ_ASSERT(mTriggeringPrincipal);#ifdef DEBUG// TYPE_DOCUMENT loads initiated by javascript tests will go through// nsIOService and use the wrong constructor. Don't enforce the// !TYPE_DOCUMENT check in those casesboolskipContentTypeCheck=false;skipContentTypeCheck=Preferences::GetBool("network.loadinfo.skip_type_assertion");#endif// This constructor shouldn't be used for TYPE_DOCUMENT loads that don't// have a loadingPrincipalMOZ_ASSERT(skipContentTypeCheck||mLoadingPrincipal||mInternalContentPolicyType!=nsIContentPolicy::TYPE_DOCUMENT);// We should only get an explicit controller for subresource requests.MOZ_DIAGNOSTIC_ASSERT(aController.isNothing()||!nsContentUtils::IsNonSubresourceInternalPolicyType(mInternalContentPolicyType));// TODO(bug 1259873): Above, we initialize mIsThirdPartyContext to false// meaning that consumers of LoadInfo that don't pass a context or pass a// context from which we can't find a window will default to assuming that// they're 1st party. It would be nice if we could default "safe" and assume// that we are 3rd party until proven otherwise.// if consumers pass both, aLoadingContext and aLoadingPrincipal// then the loadingPrincipal must be the same as the node's principalMOZ_ASSERT(!aLoadingContext||!aLoadingPrincipal||aLoadingContext->NodePrincipal()==aLoadingPrincipal);// if the load is sandboxed, we can not also inherit the principalif(mSecurityFlags&nsILoadInfo::SEC_SANDBOXED){mForceInheritPrincipalDropped=(mSecurityFlags&nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);mSecurityFlags&=~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;}uint32_texternalType=nsContentUtils::InternalContentPolicyTypeToExternal(aContentPolicyType);if(aLoadingContext){// Ensure that all network requests for a window client have the ClientInfo// properly set. Workers must currently pass the loading ClientInfo// explicitly. We allow main thread requests to explicitly pass the value as// well.if(mClientInfo.isNothing()){mClientInfo=aLoadingContext->OwnerDoc()->GetClientInfo();}// For subresource loads set the service worker based on the calling// context's controller. Workers must currently pass the controller in// explicitly. We allow main thread requests to explicitly pass the value// as well, but otherwise extract from the loading context here.if(mController.isNothing()&&!nsContentUtils::IsNonSubresourceInternalPolicyType(mInternalContentPolicyType)){mController=aLoadingContext->OwnerDoc()->GetController();}nsCOMPtr<nsPIDOMWindowOuter>contextOuter=aLoadingContext->OwnerDoc()->GetWindow();if(contextOuter){ComputeIsThirdPartyContext(contextOuter);mOuterWindowID=contextOuter->WindowID();nsCOMPtr<nsPIDOMWindowOuter>parent=contextOuter->GetScriptableParent();mParentOuterWindowID=parent?parent->WindowID():mOuterWindowID;mTopOuterWindowID=FindTopOuterWindowID(contextOuter);RefPtr<dom::BrowsingContext>bc=contextOuter->GetBrowsingContext();mBrowsingContextID=bc?bc->Id():0;nsGlobalWindowInner*innerWindow=nsGlobalWindowInner::Cast(contextOuter->GetCurrentInnerWindow());if(innerWindow){mTopLevelPrincipal=innerWindow->GetTopLevelPrincipal();// The top-level-storage-area-principal is not null only for the first// level of iframes (null for top-level contexts, and null for// sub-iframes). If we are loading a sub-document resource, we must// calculate what the top-level-storage-area-principal will be for the// new context.if(externalType!=nsIContentPolicy::TYPE_SUBDOCUMENT){mTopLevelStorageAreaPrincipal=innerWindow->GetTopLevelStorageAreaPrincipal();}elseif(contextOuter->IsTopLevelWindow()){Document*doc=innerWindow->GetExtantDoc();if(!doc||(!doc->StorageAccessSandboxed()&&!nsContentUtils::IsInPrivateBrowsing(doc))){mTopLevelStorageAreaPrincipal=innerWindow->GetPrincipal();}// If this is the first level iframe, innerWindow is our top-level// principal.if(!mTopLevelPrincipal){mTopLevelPrincipal=innerWindow->GetPrincipal();}}mDocumentHasLoaded=innerWindow->IsDocumentLoaded();if(innerWindow->IsFrame()){// For resources within iframes, we actually want the// top-level document's flag, not the iframe document's.mDocumentHasLoaded=false;nsGlobalWindowOuter*topOuter=innerWindow->GetScriptableTopInternal();if(topOuter){nsGlobalWindowInner*topInner=nsGlobalWindowInner::Cast(topOuter->GetCurrentInnerWindow());if(topInner){mDocumentHasLoaded=topInner->IsDocumentLoaded();}}}}// Let's inherit the cookie behavior and permission from the parent// document.mCookieSettings=aLoadingContext->OwnerDoc()->CookieSettings();}mInnerWindowID=aLoadingContext->OwnerDoc()->InnerWindowID();mAncestorPrincipals=aLoadingContext->OwnerDoc()->AncestorPrincipals();mAncestorOuterWindowIDs=aLoadingContext->OwnerDoc()->AncestorOuterWindowIDs();MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length()==mAncestorOuterWindowIDs.Length());mDocumentHasUserInteracted=aLoadingContext->OwnerDoc()->UserHasInteracted();// When the element being loaded is a frame, we choose the frame's window// for the window ID and the frame element's window as the parent// window. This is the behavior that Chrome exposes to add-ons.// NB: If the frameLoaderOwner doesn't have a frame loader, then the load// must be coming from an object (such as a plugin) that's loaded into it// instead of a document being loaded. In that case, treat this object like// any other non-document-loading element.RefPtr<nsFrameLoaderOwner>frameLoaderOwner=do_QueryObject(aLoadingContext);RefPtr<nsFrameLoader>fl=frameLoaderOwner?frameLoaderOwner->GetFrameLoader():nullptr;if(fl){nsCOMPtr<nsIDocShell>docShell=fl->GetDocShell(IgnoreErrors());if(docShell){nsCOMPtr<nsPIDOMWindowOuter>outerWindow=do_GetInterface(docShell);if(outerWindow){mFrameOuterWindowID=outerWindow->WindowID();RefPtr<dom::BrowsingContext>bc=outerWindow->GetBrowsingContext();mFrameBrowsingContextID=bc?bc->Id():0;}}}// if the document forces all requests to be upgraded from http to https,// then we should do that for all requests. If it only forces preloads to be// upgraded then we should enforce upgrade insecure requests only for// preloads.mUpgradeInsecureRequests=aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(false)||(nsContentUtils::IsPreloadType(mInternalContentPolicyType)&&aLoadingContext->OwnerDoc()->GetUpgradeInsecureRequests(true));if(nsContentUtils::IsUpgradableDisplayType(externalType)){nsCOMPtr<nsIURI>uri;mLoadingPrincipal->GetURI(getter_AddRefs(uri));if(uri){// Checking https not secure context as http://localhost can't be// upgradedboolisHttpsScheme;nsresultrv=uri->SchemeIs("https",&isHttpsScheme);if(NS_SUCCEEDED(rv)&&isHttpsScheme){if(nsMixedContentBlocker::ShouldUpgradeMixedDisplayContent()){mBrowserUpgradeInsecureRequests=true;}else{mBrowserWouldUpgradeInsecureRequests=true;}}}}}mOriginAttributes=mLoadingPrincipal->OriginAttributesRef();// We need to do this after inheriting the document's origin attributes// above, in case the loading principal ends up being the system principal.if(aLoadingContext){nsCOMPtr<nsILoadContext>loadContext=aLoadingContext->OwnerDoc()->GetLoadContext();nsCOMPtr<nsIDocShell>docShell=aLoadingContext->OwnerDoc()->GetDocShell();if(loadContext&&docShell&&docShell->ItemType()==nsIDocShellTreeItem::typeContent){boolusePrivateBrowsing;nsresultrv=loadContext->GetUsePrivateBrowsing(&usePrivateBrowsing);if(NS_SUCCEEDED(rv)){mOriginAttributes.SyncAttributesWithPrivateBrowsing(usePrivateBrowsing);}}}// For chrome docshell, the mPrivateBrowsingId remains 0 even its// UsePrivateBrowsing() is true, so we only update the mPrivateBrowsingId in// origin attributes if the type of the docshell is content.if(aLoadingContext){nsCOMPtr<nsIDocShell>docShell=aLoadingContext->OwnerDoc()->GetDocShell();if(docShell){if(docShell->ItemType()==nsIDocShellTreeItem::typeChrome){MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId==0,"chrome docshell shouldn't have mPrivateBrowsingId set.");}}}}/* Constructor takes an outer window, but no loadingNode or loadingPrincipal. * This constructor should only be used for TYPE_DOCUMENT loads, since they * have a null loadingNode and loadingPrincipal. */LoadInfo::LoadInfo(nsPIDOMWindowOuter*aOuterWindow,nsIPrincipal*aTriggeringPrincipal,nsISupports*aContextForTopLevelLoad,nsSecurityFlagsaSecurityFlags):mLoadingPrincipal(nullptr),mTriggeringPrincipal(aTriggeringPrincipal),mPrincipalToInherit(nullptr),mContextForTopLevelLoad(do_GetWeakReference(aContextForTopLevelLoad)),mSecurityFlags(aSecurityFlags),mInternalContentPolicyType(nsIContentPolicy::TYPE_DOCUMENT),mTainting(LoadTainting::Basic),mUpgradeInsecureRequests(false),mBrowserUpgradeInsecureRequests(false),mBrowserWouldUpgradeInsecureRequests(false),mForceAllowDataURI(false),mAllowInsecureRedirectToDataURI(false),mSkipContentPolicyCheckForWebRequest(false),mOriginalFrameSrcLoad(false),mForceInheritPrincipalDropped(false),mInnerWindowID(0),mOuterWindowID(0),mParentOuterWindowID(0),mTopOuterWindowID(0),mFrameOuterWindowID(0),mBrowsingContextID(0),mFrameBrowsingContextID(0),mInitialSecurityCheckDone(false),mIsThirdPartyContext(false),// NB: TYPE_DOCUMENT implies !third-party.mIsDocshellReload(false),mSendCSPViolationEvents(true),mRequestBlockingReason(BLOCKING_REASON_NONE),mForcePreflight(false),mIsPreflight(false),mLoadTriggeredFromExternal(false),mServiceWorkerTaintingSynthesized(false),mDocumentHasUserInteracted(false),mDocumentHasLoaded(false),mIsFromProcessingFrameAttributes(false){// Top-level loads are never third-party// Grab the information we can out of the window.MOZ_ASSERT(aOuterWindow);MOZ_ASSERT(mTriggeringPrincipal);// if the load is sandboxed, we can not also inherit the principalif(mSecurityFlags&nsILoadInfo::SEC_SANDBOXED){mForceInheritPrincipalDropped=(mSecurityFlags&nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);mSecurityFlags&=~nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL;}// NB: Ignore the current inner window since we're navigating away from it.mOuterWindowID=aOuterWindow->WindowID();RefPtr<BrowsingContext>bc=aOuterWindow->GetBrowsingContext();mBrowsingContextID=bc?bc->Id():0;// TODO We can have a parent without a frame element in some cases dealing// with the hidden window.nsCOMPtr<nsPIDOMWindowOuter>parent=aOuterWindow->GetScriptableParent();mParentOuterWindowID=parent?parent->WindowID():0;mTopOuterWindowID=FindTopOuterWindowID(aOuterWindow);nsGlobalWindowInner*innerWindow=nsGlobalWindowInner::Cast(aOuterWindow->GetCurrentInnerWindow());if(innerWindow){mTopLevelPrincipal=innerWindow->GetTopLevelPrincipal();// mTopLevelStorageAreaPrincipal is always null for top-level document// loading.}// get the docshell from the outerwindow, and then get the originattributesnsCOMPtr<nsIDocShell>docShell=aOuterWindow->GetDocShell();MOZ_ASSERT(docShell);mOriginAttributes=nsDocShell::Cast(docShell)->GetOriginAttributes();mAncestorPrincipals=nsDocShell::Cast(docShell)->AncestorPrincipals();mAncestorOuterWindowIDs=nsDocShell::Cast(docShell)->AncestorOuterWindowIDs();MOZ_DIAGNOSTIC_ASSERT(mAncestorPrincipals.Length()==mAncestorOuterWindowIDs.Length());#ifdef DEBUGif(docShell->ItemType()==nsIDocShellTreeItem::typeChrome){MOZ_ASSERT(mOriginAttributes.mPrivateBrowsingId==0,"chrome docshell shouldn't have mPrivateBrowsingId set.");}#endif// Let's take the current cookie behavior and current cookie permission// for the documents' loadInfo. Note that for any other loadInfos,// cookieBehavior will be BEHAVIOR_REJECT for security reasons.mCookieSettings=CookieSettings::Create();}LoadInfo::LoadInfo(constLoadInfo&rhs):mLoadingPrincipal(rhs.mLoadingPrincipal),mTriggeringPrincipal(rhs.mTriggeringPrincipal),mPrincipalToInherit(rhs.mPrincipalToInherit),mSandboxedLoadingPrincipal(rhs.mSandboxedLoadingPrincipal),mTopLevelPrincipal(rhs.mTopLevelPrincipal),mTopLevelStorageAreaPrincipal(rhs.mTopLevelStorageAreaPrincipal),mResultPrincipalURI(rhs.mResultPrincipalURI),mCookieSettings(rhs.mCookieSettings),mClientInfo(rhs.mClientInfo),// mReservedClientSource must be handled specially during redirect// mReservedClientInfo must be handled specially during redirect// mInitialClientInfo must be handled specially during redirectmController(rhs.mController),mPerformanceStorage(rhs.mPerformanceStorage),mLoadingContext(rhs.mLoadingContext),mContextForTopLevelLoad(rhs.mContextForTopLevelLoad),mSecurityFlags(rhs.mSecurityFlags),mInternalContentPolicyType(rhs.mInternalContentPolicyType),mTainting(rhs.mTainting),mUpgradeInsecureRequests(rhs.mUpgradeInsecureRequests),mBrowserUpgradeInsecureRequests(rhs.mBrowserUpgradeInsecureRequests),mBrowserWouldUpgradeInsecureRequests(rhs.mBrowserWouldUpgradeInsecureRequests),mForceAllowDataURI(rhs.mForceAllowDataURI),mAllowInsecureRedirectToDataURI(rhs.mAllowInsecureRedirectToDataURI),mSkipContentPolicyCheckForWebRequest(rhs.mSkipContentPolicyCheckForWebRequest),mOriginalFrameSrcLoad(rhs.mOriginalFrameSrcLoad),mForceInheritPrincipalDropped(rhs.mForceInheritPrincipalDropped),mInnerWindowID(rhs.mInnerWindowID),mOuterWindowID(rhs.mOuterWindowID),mParentOuterWindowID(rhs.mParentOuterWindowID),mTopOuterWindowID(rhs.mTopOuterWindowID),mFrameOuterWindowID(rhs.mFrameOuterWindowID),mBrowsingContextID(rhs.mBrowsingContextID),mFrameBrowsingContextID(rhs.mFrameBrowsingContextID),mInitialSecurityCheckDone(rhs.mInitialSecurityCheckDone),mIsThirdPartyContext(rhs.mIsThirdPartyContext),mIsDocshellReload(rhs.mIsDocshellReload),mSendCSPViolationEvents(rhs.mSendCSPViolationEvents),mOriginAttributes(rhs.mOriginAttributes),mRedirectChainIncludingInternalRedirects(rhs.mRedirectChainIncludingInternalRedirects),mRedirectChain(rhs.mRedirectChain),mAncestorPrincipals(rhs.mAncestorPrincipals),mAncestorOuterWindowIDs(rhs.mAncestorOuterWindowIDs),mCorsUnsafeHeaders(rhs.mCorsUnsafeHeaders),mRequestBlockingReason(rhs.mRequestBlockingReason),mForcePreflight(rhs.mForcePreflight),mIsPreflight(rhs.mIsPreflight),mLoadTriggeredFromExternal(rhs.mLoadTriggeredFromExternal),// mServiceWorkerTaintingSynthesized must be handled specially during// redirectmServiceWorkerTaintingSynthesized(false),mDocumentHasUserInteracted(rhs.mDocumentHasUserInteracted),mDocumentHasLoaded(rhs.mDocumentHasLoaded),mCspNonce(rhs.mCspNonce),mIsFromProcessingFrameAttributes(rhs.mIsFromProcessingFrameAttributes){}LoadInfo::LoadInfo(nsIPrincipal*aLoadingPrincipal,nsIPrincipal*aTriggeringPrincipal,nsIPrincipal*aPrincipalToInherit,nsIPrincipal*aSandboxedLoadingPrincipal,nsIPrincipal*aTopLevelPrincipal,nsIPrincipal*aTopLevelStorageAreaPrincipal,nsIURI*aResultPrincipalURI,nsICookieSettings*aCookieSettings,constMaybe<ClientInfo>&aClientInfo,constMaybe<ClientInfo>&aReservedClientInfo,constMaybe<ClientInfo>&aInitialClientInfo,constMaybe<ServiceWorkerDescriptor>&aController,nsSecurityFlagsaSecurityFlags,nsContentPolicyTypeaContentPolicyType,LoadTaintingaTainting,boolaUpgradeInsecureRequests,boolaBrowserUpgradeInsecureRequests,boolaBrowserWouldUpgradeInsecureRequests,boolaForceAllowDataURI,boolaAllowInsecureRedirectToDataURI,boolaSkipContentPolicyCheckForWebRequest,boolaForceInheritPrincipalDropped,uint64_taInnerWindowID,uint64_taOuterWindowID,uint64_taParentOuterWindowID,uint64_taTopOuterWindowID,uint64_taFrameOuterWindowID,uint64_taBrowsingContextID,uint64_taFrameBrowsingContextID,boolaInitialSecurityCheckDone,boolaIsThirdPartyContext,boolaIsDocshellReload,boolaSendCSPViolationEvents,constOriginAttributes&aOriginAttributes,RedirectHistoryArray&aRedirectChainIncludingInternalRedirects,RedirectHistoryArray&aRedirectChain,nsTArray<nsCOMPtr<nsIPrincipal>>&&aAncestorPrincipals,constnsTArray<uint64_t>&aAncestorOuterWindowIDs,constnsTArray<nsCString>&aCorsUnsafeHeaders,boolaForcePreflight,boolaIsPreflight,boolaLoadTriggeredFromExternal,boolaServiceWorkerTaintingSynthesized,boolaDocumentHasUserInteracted,boolaDocumentHasLoaded,constnsAString&aCspNonce,uint32_taRequestBlockingReason):mLoadingPrincipal(aLoadingPrincipal),mTriggeringPrincipal(aTriggeringPrincipal),mPrincipalToInherit(aPrincipalToInherit),mTopLevelPrincipal(aTopLevelPrincipal),mTopLevelStorageAreaPrincipal(aTopLevelStorageAreaPrincipal),mResultPrincipalURI(aResultPrincipalURI),mCookieSettings(aCookieSettings),mClientInfo(aClientInfo),mReservedClientInfo(aReservedClientInfo),mInitialClientInfo(aInitialClientInfo),mController(aController),mSecurityFlags(aSecurityFlags),mInternalContentPolicyType(aContentPolicyType),mTainting(aTainting),mUpgradeInsecureRequests(aUpgradeInsecureRequests),mBrowserUpgradeInsecureRequests(aBrowserUpgradeInsecureRequests),mBrowserWouldUpgradeInsecureRequests(aBrowserWouldUpgradeInsecureRequests),mForceAllowDataURI(aForceAllowDataURI),mAllowInsecureRedirectToDataURI(aAllowInsecureRedirectToDataURI),mSkipContentPolicyCheckForWebRequest(aSkipContentPolicyCheckForWebRequest),mOriginalFrameSrcLoad(false),mForceInheritPrincipalDropped(aForceInheritPrincipalDropped),mInnerWindowID(aInnerWindowID),mOuterWindowID(aOuterWindowID),mParentOuterWindowID(aParentOuterWindowID),mTopOuterWindowID(aTopOuterWindowID),mFrameOuterWindowID(aFrameOuterWindowID),mBrowsingContextID(aBrowsingContextID),mFrameBrowsingContextID(aFrameBrowsingContextID),mInitialSecurityCheckDone(aInitialSecurityCheckDone),mIsThirdPartyContext(aIsThirdPartyContext),mIsDocshellReload(aIsDocshellReload),mSendCSPViolationEvents(aSendCSPViolationEvents),mOriginAttributes(aOriginAttributes),mAncestorPrincipals(std::move(aAncestorPrincipals)),mAncestorOuterWindowIDs(aAncestorOuterWindowIDs),mCorsUnsafeHeaders(aCorsUnsafeHeaders),mRequestBlockingReason(aRequestBlockingReason),mForcePreflight(aForcePreflight),mIsPreflight(aIsPreflight),mLoadTriggeredFromExternal(aLoadTriggeredFromExternal),mServiceWorkerTaintingSynthesized(aServiceWorkerTaintingSynthesized),mDocumentHasUserInteracted(aDocumentHasUserInteracted),mDocumentHasLoaded(aDocumentHasLoaded),mCspNonce(aCspNonce),mIsFromProcessingFrameAttributes(false){// Only top level TYPE_DOCUMENT loads can have a null loadingPrincipalMOZ_ASSERT(mLoadingPrincipal||aContentPolicyType==nsIContentPolicy::TYPE_DOCUMENT);MOZ_ASSERT(mTriggeringPrincipal);mRedirectChainIncludingInternalRedirects.SwapElements(aRedirectChainIncludingInternalRedirects);mRedirectChain.SwapElements(aRedirectChain);}voidLoadInfo::ComputeIsThirdPartyContext(nsPIDOMWindowOuter*aOuterWindow){nsContentPolicyTypetype=nsContentUtils::InternalContentPolicyTypeToExternal(mInternalContentPolicyType);if(type==nsIContentPolicy::TYPE_DOCUMENT){// Top-level loads are never third-party.mIsThirdPartyContext=false;return;}nsCOMPtr<mozIThirdPartyUtil>util(do_GetService(THIRDPARTYUTIL_CONTRACTID));if(NS_WARN_IF(!util)){return;}util->IsThirdPartyWindow(aOuterWindow,nullptr,&mIsThirdPartyContext);}NS_IMPL_ISUPPORTS(LoadInfo,nsILoadInfo)already_AddRefed<nsILoadInfo>LoadInfo::Clone()const{RefPtr<LoadInfo>copy(newLoadInfo(*this));returncopy.forget();}already_AddRefed<nsILoadInfo>LoadInfo::CloneWithNewSecFlags(nsSecurityFlagsaSecurityFlags)const{RefPtr<LoadInfo>copy(newLoadInfo(*this));copy->mSecurityFlags=aSecurityFlags;returncopy.forget();}already_AddRefed<nsILoadInfo>LoadInfo::CloneForNewRequest()const{RefPtr<LoadInfo>copy(newLoadInfo(*this));copy->mInitialSecurityCheckDone=false;copy->mRedirectChainIncludingInternalRedirects.Clear();copy->mRedirectChain.Clear();copy->mResultPrincipalURI=nullptr;returncopy.forget();}NS_IMETHODIMPLoadInfo::GetLoadingPrincipal(nsIPrincipal**aLoadingPrincipal){NS_IF_ADDREF(*aLoadingPrincipal=mLoadingPrincipal);returnNS_OK;}nsIPrincipal*LoadInfo::LoadingPrincipal(){returnmLoadingPrincipal;}NS_IMETHODIMPLoadInfo::GetTriggeringPrincipal(nsIPrincipal**aTriggeringPrincipal){NS_ADDREF(*aTriggeringPrincipal=mTriggeringPrincipal);returnNS_OK;}nsIPrincipal*LoadInfo::TriggeringPrincipal(){returnmTriggeringPrincipal;}NS_IMETHODIMPLoadInfo::GetPrincipalToInherit(nsIPrincipal**aPrincipalToInherit){NS_IF_ADDREF(*aPrincipalToInherit=mPrincipalToInherit);returnNS_OK;}NS_IMETHODIMPLoadInfo::SetPrincipalToInherit(nsIPrincipal*aPrincipalToInherit){MOZ_ASSERT(aPrincipalToInherit,"must be a valid principal to inherit");mPrincipalToInherit=aPrincipalToInherit;returnNS_OK;}nsIPrincipal*LoadInfo::PrincipalToInherit(){returnmPrincipalToInherit;}nsIPrincipal*LoadInfo::FindPrincipalToInherit(nsIChannel*aChannel){if(mPrincipalToInherit){returnmPrincipalToInherit;}nsCOMPtr<nsIURI>uri=mResultPrincipalURI;if(!uri){Unused<<aChannel->GetOriginalURI(getter_AddRefs(uri));}autoprin=BasePrincipal::Cast(mTriggeringPrincipal);returnprin->PrincipalToInherit(uri);}nsIPrincipal*LoadInfo::GetSandboxedLoadingPrincipal(){if(!(mSecurityFlags&nsILoadInfo::SEC_SANDBOXED)){returnnullptr;}if(!mSandboxedLoadingPrincipal){if(mLoadingPrincipal){mSandboxedLoadingPrincipal=NullPrincipal::CreateWithInheritedAttributes(mLoadingPrincipal);}else{OriginAttributesattrs(mOriginAttributes);mSandboxedLoadingPrincipal=NullPrincipal::Create(attrs);}}MOZ_ASSERT(mSandboxedLoadingPrincipal);returnmSandboxedLoadingPrincipal;}nsIPrincipal*LoadInfo::GetTopLevelPrincipal(){returnmTopLevelPrincipal;}nsIPrincipal*LoadInfo::GetTopLevelStorageAreaPrincipal(){returnmTopLevelStorageAreaPrincipal;}NS_IMETHODIMPLoadInfo::GetLoadingDocument(Document**aResult){if(nsCOMPtr<nsINode>node=do_QueryReferent(mLoadingContext)){RefPtr<Document>context=node->OwnerDoc();context.forget(aResult);}returnNS_OK;}nsINode*LoadInfo::LoadingNode(){nsCOMPtr<nsINode>node=do_QueryReferent(mLoadingContext);returnnode;}already_AddRefed<nsISupports>LoadInfo::ContextForTopLevelLoad(){// Most likely you want to query LoadingNode() instead of// ContextForTopLevelLoad() if this assertion fires.MOZ_ASSERT(mInternalContentPolicyType==nsIContentPolicy::TYPE_DOCUMENT,"should only query this context for top level document loads");nsCOMPtr<nsISupports>context=do_QueryReferent(mContextForTopLevelLoad);returncontext.forget();}already_AddRefed<nsISupports>LoadInfo::GetLoadingContext(){nsCOMPtr<nsISupports>context;if(mInternalContentPolicyType==nsIContentPolicy::TYPE_DOCUMENT){context=ContextForTopLevelLoad();}else{context=LoadingNode();}returncontext.forget();}NS_IMETHODIMPLoadInfo::GetLoadingContextXPCOM(nsISupports**aResult){nsCOMPtr<nsISupports>context=GetLoadingContext();context.forget(aResult);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetSecurityFlags(nsSecurityFlags*aResult){*aResult=mSecurityFlags;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetSecurityMode(uint32_t*aFlags){*aFlags=(mSecurityFlags&(nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_INHERITS|nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED|nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_INHERITS|nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_DATA_IS_NULL|nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS));returnNS_OK;}NS_IMETHODIMPLoadInfo::GetIsInThirdPartyContext(bool*aIsInThirdPartyContext){*aIsInThirdPartyContext=mIsThirdPartyContext;returnNS_OK;}staticconstuint32_tsCookiePolicyMask=nsILoadInfo::SEC_COOKIES_DEFAULT|nsILoadInfo::SEC_COOKIES_INCLUDE|nsILoadInfo::SEC_COOKIES_SAME_ORIGIN|nsILoadInfo::SEC_COOKIES_OMIT;NS_IMETHODIMPLoadInfo::GetCookiePolicy(uint32_t*aResult){uint32_tpolicy=mSecurityFlags&sCookiePolicyMask;if(policy==nsILoadInfo::SEC_COOKIES_DEFAULT){policy=(mSecurityFlags&SEC_REQUIRE_CORS_DATA_INHERITS)?nsILoadInfo::SEC_COOKIES_SAME_ORIGIN:nsILoadInfo::SEC_COOKIES_INCLUDE;}*aResult=policy;returnNS_OK;}namespace{already_AddRefed<nsICookieSettings>CreateCookieSettings(nsContentPolicyTypeaContentPolicyType){if(StaticPrefs::network_cookieSettings_unblocked_for_testing()){returnCookieSettings::Create();}// These contentPolictTypes require a real CookieSettings because favicon and// save-as requests must send cookies. Anything else should not send/receive// cookies.if(aContentPolicyType==nsIContentPolicy::TYPE_INTERNAL_IMAGE_FAVICON||aContentPolicyType==nsIContentPolicy::TYPE_SAVEAS_DOWNLOAD){returnCookieSettings::Create();}returnCookieSettings::CreateBlockingAll();}}// namespaceNS_IMETHODIMPLoadInfo::GetCookieSettings(nsICookieSettings**aCookieSettings){if(!mCookieSettings){mCookieSettings=CreateCookieSettings(mInternalContentPolicyType);}nsCOMPtr<nsICookieSettings>cookieSettings=mCookieSettings;cookieSettings.forget(aCookieSettings);returnNS_OK;}NS_IMETHODIMPLoadInfo::SetCookieSettings(nsICookieSettings*aCookieSettings){MOZ_ASSERT(aCookieSettings);// We allow the overwrite of CookieSettings.mCookieSettings=aCookieSettings;returnNS_OK;}voidLoadInfo::SetIncludeCookiesSecFlag(){MOZ_ASSERT((mSecurityFlags&sCookiePolicyMask)==nsILoadInfo::SEC_COOKIES_DEFAULT);mSecurityFlags=(mSecurityFlags&~sCookiePolicyMask)|nsILoadInfo::SEC_COOKIES_INCLUDE;}NS_IMETHODIMPLoadInfo::GetForceInheritPrincipal(bool*aInheritPrincipal){*aInheritPrincipal=(mSecurityFlags&nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetForceInheritPrincipalOverruleOwner(bool*aInheritPrincipal){*aInheritPrincipal=(mSecurityFlags&nsILoadInfo::SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetLoadingSandboxed(bool*aLoadingSandboxed){*aLoadingSandboxed=(mSecurityFlags&nsILoadInfo::SEC_SANDBOXED);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetAboutBlankInherits(bool*aResult){*aResult=(mSecurityFlags&nsILoadInfo::SEC_ABOUT_BLANK_INHERITS);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetAllowChrome(bool*aResult){*aResult=(mSecurityFlags&nsILoadInfo::SEC_ALLOW_CHROME);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetDisallowScript(bool*aResult){*aResult=(mSecurityFlags&nsILoadInfo::SEC_DISALLOW_SCRIPT);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetDontFollowRedirects(bool*aResult){*aResult=(mSecurityFlags&nsILoadInfo::SEC_DONT_FOLLOW_REDIRECTS);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetLoadErrorPage(bool*aResult){*aResult=(mSecurityFlags&nsILoadInfo::SEC_LOAD_ERROR_PAGE);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetIsDocshellReload(bool*aResult){*aResult=mIsDocshellReload;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetIsDocshellReload(boolaValue){mIsDocshellReload=aValue;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetSendCSPViolationEvents(bool*aResult){*aResult=mSendCSPViolationEvents;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetSendCSPViolationEvents(boolaValue){mSendCSPViolationEvents=aValue;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetExternalContentPolicyType(nsContentPolicyType*aResult){*aResult=nsContentUtils::InternalContentPolicyTypeToExternal(mInternalContentPolicyType);returnNS_OK;}nsContentPolicyTypeLoadInfo::InternalContentPolicyType(){returnmInternalContentPolicyType;}NS_IMETHODIMPLoadInfo::GetUpgradeInsecureRequests(bool*aResult){*aResult=mUpgradeInsecureRequests;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetBrowserUpgradeInsecureRequests(bool*aResult){*aResult=mBrowserUpgradeInsecureRequests;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetBrowserWouldUpgradeInsecureRequests(bool*aResult){*aResult=mBrowserWouldUpgradeInsecureRequests;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetForceAllowDataURI(boolaForceAllowDataURI){MOZ_ASSERT(!mForceAllowDataURI||mInternalContentPolicyType==nsIContentPolicy::TYPE_DOCUMENT,"can only allow data URI navigation for TYPE_DOCUMENT");mForceAllowDataURI=aForceAllowDataURI;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetForceAllowDataURI(bool*aForceAllowDataURI){*aForceAllowDataURI=mForceAllowDataURI;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetAllowInsecureRedirectToDataURI(boolaAllowInsecureRedirectToDataURI){mAllowInsecureRedirectToDataURI=aAllowInsecureRedirectToDataURI;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetAllowInsecureRedirectToDataURI(bool*aAllowInsecureRedirectToDataURI){*aAllowInsecureRedirectToDataURI=mAllowInsecureRedirectToDataURI;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetSkipContentPolicyCheckForWebRequest(boolaSkip){mSkipContentPolicyCheckForWebRequest=aSkip;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetSkipContentPolicyCheckForWebRequest(bool*aSkip){*aSkip=mSkipContentPolicyCheckForWebRequest;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetOriginalFrameSrcLoad(boolaOriginalFrameSrcLoad){mOriginalFrameSrcLoad=aOriginalFrameSrcLoad;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetOriginalFrameSrcLoad(bool*aOriginalFrameSrcLoad){*aOriginalFrameSrcLoad=mOriginalFrameSrcLoad;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetForceInheritPrincipalDropped(bool*aResult){*aResult=mForceInheritPrincipalDropped;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetInnerWindowID(uint64_t*aResult){*aResult=mInnerWindowID;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetOuterWindowID(uint64_t*aResult){*aResult=mOuterWindowID;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetParentOuterWindowID(uint64_t*aResult){*aResult=mParentOuterWindowID;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetTopOuterWindowID(uint64_t*aResult){*aResult=mTopOuterWindowID;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetFrameOuterWindowID(uint64_t*aResult){*aResult=mFrameOuterWindowID;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetBrowsingContextID(uint64_t*aResult){*aResult=mBrowsingContextID;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetFrameBrowsingContextID(uint64_t*aResult){*aResult=mFrameBrowsingContextID;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetBrowsingContext(dom::BrowsingContext**aResult){*aResult=BrowsingContext::Get(mBrowsingContextID).take();returnNS_OK;}NS_IMETHODIMPLoadInfo::GetFrameBrowsingContext(dom::BrowsingContext**aResult){*aResult=BrowsingContext::Get(mFrameBrowsingContextID).take();returnNS_OK;}NS_IMETHODIMPLoadInfo::GetScriptableOriginAttributes(JSContext*aCx,JS::MutableHandle<JS::Value>aOriginAttributes){if(NS_WARN_IF(!ToJSValue(aCx,mOriginAttributes,aOriginAttributes))){returnNS_ERROR_FAILURE;}returnNS_OK;}NS_IMETHODIMPLoadInfo::ResetPrincipalToInheritToNullPrincipal(){// take the originAttributes from the LoadInfo and create// a new NullPrincipal using those origin attributes.nsCOMPtr<nsIPrincipal>newNullPrincipal=NullPrincipal::Create(mOriginAttributes);mPrincipalToInherit=newNullPrincipal;// setting SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER will overrule// any non null owner set on the channel and will return the principal// form the loadinfo instead.mSecurityFlags|=SEC_FORCE_INHERIT_PRINCIPAL_OVERRULE_OWNER;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetScriptableOriginAttributes(JSContext*aCx,JS::Handle<JS::Value>aOriginAttributes){OriginAttributesattrs;if(!aOriginAttributes.isObject()||!attrs.Init(aCx,aOriginAttributes)){returnNS_ERROR_INVALID_ARG;}mOriginAttributes=attrs;returnNS_OK;}nsresultLoadInfo::GetOriginAttributes(mozilla::OriginAttributes*aOriginAttributes){NS_ENSURE_ARG(aOriginAttributes);*aOriginAttributes=mOriginAttributes;returnNS_OK;}nsresultLoadInfo::SetOriginAttributes(constmozilla::OriginAttributes&aOriginAttributes){mOriginAttributes=aOriginAttributes;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetInitialSecurityCheckDone(boolaInitialSecurityCheckDone){// Indicates whether the channel was ever evaluated by the// ContentSecurityManager. Once set to true, this flag must// remain true throughout the lifetime of the channel.// Setting it to anything else than true will be discarded.MOZ_ASSERT(aInitialSecurityCheckDone,"aInitialSecurityCheckDone must be true");mInitialSecurityCheckDone=mInitialSecurityCheckDone||aInitialSecurityCheckDone;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetInitialSecurityCheckDone(bool*aResult){*aResult=mInitialSecurityCheckDone;returnNS_OK;}NS_IMETHODIMPLoadInfo::AppendRedirectHistoryEntry(nsIRedirectHistoryEntry*aEntry,boolaIsInternalRedirect){NS_ENSURE_ARG(aEntry);MOZ_ASSERT(NS_IsMainThread());mRedirectChainIncludingInternalRedirects.AppendElement(aEntry);if(!aIsInternalRedirect){mRedirectChain.AppendElement(aEntry);}returnNS_OK;}NS_IMETHODIMPLoadInfo::GetRedirects(JSContext*aCx,JS::MutableHandle<JS::Value>aRedirects,constRedirectHistoryArray&aArray){JS::Rooted<JSObject*>redirects(aCx,JS_NewArrayObject(aCx,aArray.Length()));NS_ENSURE_TRUE(redirects,NS_ERROR_OUT_OF_MEMORY);JS::Rooted<JSObject*>global(aCx,JS::CurrentGlobalOrNull(aCx));NS_ENSURE_TRUE(global,NS_ERROR_UNEXPECTED);nsCOMPtr<nsIXPConnect>xpc=nsIXPConnect::XPConnect();for(size_tidx=0;idx<aArray.Length();idx++){JS::RootedObjectjsobj(aCx);nsresultrv=xpc->WrapNative(aCx,global,aArray[idx],NS_GET_IID(nsIRedirectHistoryEntry),jsobj.address());NS_ENSURE_SUCCESS(rv,rv);NS_ENSURE_STATE(jsobj);boolrc=JS_DefineElement(aCx,redirects,idx,jsobj,JSPROP_ENUMERATE);NS_ENSURE_TRUE(rc,NS_ERROR_UNEXPECTED);}aRedirects.setObject(*redirects);returnNS_OK;}NS_IMETHODIMPLoadInfo::GetRedirectChainIncludingInternalRedirects(JSContext*aCx,JS::MutableHandle<JS::Value>aChain){returnGetRedirects(aCx,aChain,mRedirectChainIncludingInternalRedirects);}constRedirectHistoryArray&LoadInfo::RedirectChainIncludingInternalRedirects(){returnmRedirectChainIncludingInternalRedirects;}NS_IMETHODIMPLoadInfo::GetRedirectChain(JSContext*aCx,JS::MutableHandle<JS::Value>aChain){returnGetRedirects(aCx,aChain,mRedirectChain);}constRedirectHistoryArray&LoadInfo::RedirectChain(){returnmRedirectChain;}constnsTArray<nsCOMPtr<nsIPrincipal>>&LoadInfo::AncestorPrincipals(){returnmAncestorPrincipals;}constnsTArray<uint64_t>&LoadInfo::AncestorOuterWindowIDs(){returnmAncestorOuterWindowIDs;}voidLoadInfo::SetCorsPreflightInfo(constnsTArray<nsCString>&aHeaders,boolaForcePreflight){MOZ_ASSERT(GetSecurityMode()==nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS);MOZ_ASSERT(!mInitialSecurityCheckDone);mCorsUnsafeHeaders=aHeaders;mForcePreflight=aForcePreflight;}constnsTArray<nsCString>&LoadInfo::CorsUnsafeHeaders(){returnmCorsUnsafeHeaders;}NS_IMETHODIMPLoadInfo::GetForcePreflight(bool*aForcePreflight){*aForcePreflight=mForcePreflight;returnNS_OK;}voidLoadInfo::SetIsPreflight(){MOZ_ASSERT(GetSecurityMode()==nsILoadInfo::SEC_REQUIRE_CORS_DATA_INHERITS);MOZ_ASSERT(!mInitialSecurityCheckDone);mIsPreflight=true;}voidLoadInfo::SetUpgradeInsecureRequests(){mUpgradeInsecureRequests=true;}voidLoadInfo::SetBrowserUpgradeInsecureRequests(){mBrowserUpgradeInsecureRequests=true;}voidLoadInfo::SetBrowserWouldUpgradeInsecureRequests(){mBrowserWouldUpgradeInsecureRequests=true;}NS_IMETHODIMPLoadInfo::GetIsPreflight(bool*aIsPreflight){*aIsPreflight=mIsPreflight;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetLoadTriggeredFromExternal(boolaLoadTriggeredFromExternal){MOZ_ASSERT(!aLoadTriggeredFromExternal||mInternalContentPolicyType==nsIContentPolicy::TYPE_DOCUMENT,"can only set load triggered from external for TYPE_DOCUMENT");mLoadTriggeredFromExternal=aLoadTriggeredFromExternal;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetLoadTriggeredFromExternal(bool*aLoadTriggeredFromExternal){*aLoadTriggeredFromExternal=mLoadTriggeredFromExternal;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetServiceWorkerTaintingSynthesized(bool*aServiceWorkerTaintingSynthesized){MOZ_ASSERT(aServiceWorkerTaintingSynthesized);*aServiceWorkerTaintingSynthesized=mServiceWorkerTaintingSynthesized;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetTainting(uint32_t*aTaintingOut){MOZ_ASSERT(aTaintingOut);*aTaintingOut=static_cast<uint32_t>(mTainting);returnNS_OK;}NS_IMETHODIMPLoadInfo::MaybeIncreaseTainting(uint32_taTainting){NS_ENSURE_ARG(aTainting<=TAINTING_OPAQUE);// Skip if the tainting has been set by the service worker.if(mServiceWorkerTaintingSynthesized){returnNS_OK;}LoadTaintingtainting=static_cast<LoadTainting>(aTainting);if(tainting>mTainting){mTainting=tainting;}returnNS_OK;}voidLoadInfo::SynthesizeServiceWorkerTainting(LoadTaintingaTainting){MOZ_DIAGNOSTIC_ASSERT(aTainting<=LoadTainting::Opaque);mTainting=aTainting;// Flag to prevent the tainting from being increased.mServiceWorkerTaintingSynthesized=true;}NS_IMETHODIMPLoadInfo::GetDocumentHasUserInteracted(bool*aDocumentHasUserInteracted){MOZ_ASSERT(aDocumentHasUserInteracted);*aDocumentHasUserInteracted=mDocumentHasUserInteracted;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetDocumentHasUserInteracted(boolaDocumentHasUserInteracted){mDocumentHasUserInteracted=aDocumentHasUserInteracted;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetDocumentHasLoaded(bool*aDocumentHasLoaded){MOZ_ASSERT(aDocumentHasLoaded);*aDocumentHasLoaded=mDocumentHasLoaded;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetDocumentHasLoaded(boolaDocumentHasLoaded){mDocumentHasLoaded=aDocumentHasLoaded;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetCspNonce(nsAString&aCspNonce){aCspNonce=mCspNonce;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetCspNonce(constnsAString&aCspNonce){MOZ_ASSERT(!mInitialSecurityCheckDone,"setting the nonce is only allowed before any sec checks");mCspNonce=aCspNonce;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetIsTopLevelLoad(bool*aResult){*aResult=mFrameOuterWindowID?mFrameOuterWindowID==mOuterWindowID:mParentOuterWindowID==mOuterWindowID;returnNS_OK;}voidLoadInfo::SetIsFromProcessingFrameAttributes(){mIsFromProcessingFrameAttributes=true;}NS_IMETHODIMPLoadInfo::GetIsFromProcessingFrameAttributes(bool*aIsFromProcessingFrameAttributes){MOZ_ASSERT(aIsFromProcessingFrameAttributes);*aIsFromProcessingFrameAttributes=mIsFromProcessingFrameAttributes;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetResultPrincipalURI(nsIURI**aURI){NS_IF_ADDREF(*aURI=mResultPrincipalURI);returnNS_OK;}NS_IMETHODIMPLoadInfo::SetResultPrincipalURI(nsIURI*aURI){mResultPrincipalURI=aURI;returnNS_OK;}NS_IMETHODIMPLoadInfo::SetRequestBlockingReason(uint32_taReason){mRequestBlockingReason=aReason;returnNS_OK;}NS_IMETHODIMPLoadInfo::GetRequestBlockingReason(uint32_t*aReason){*aReason=mRequestBlockingReason;returnNS_OK;}voidLoadInfo::SetClientInfo(constClientInfo&aClientInfo){mClientInfo.emplace(aClientInfo);}constMaybe<ClientInfo>&LoadInfo::GetClientInfo(){returnmClientInfo;}voidLoadInfo::GiveReservedClientSource(UniquePtr<ClientSource>&&aClientSource){MOZ_DIAGNOSTIC_ASSERT(aClientSource);mReservedClientSource=std::move(aClientSource);SetReservedClientInfo(mReservedClientSource->Info());}UniquePtr<ClientSource>LoadInfo::TakeReservedClientSource(){if(mReservedClientSource){// If the reserved ClientInfo was set due to a ClientSource being present,// then clear that info object when the ClientSource is taken.mReservedClientInfo.reset();}returnstd::move(mReservedClientSource);}voidLoadInfo::SetReservedClientInfo(constClientInfo&aClientInfo){MOZ_DIAGNOSTIC_ASSERT(mInitialClientInfo.isNothing());// Treat assignments of the same value as a no-op. The emplace below// will normally assert when overwriting an existing value.if(mReservedClientInfo.isSome()&&mReservedClientInfo.ref()==aClientInfo){return;}mReservedClientInfo.emplace(aClientInfo);}voidLoadInfo::OverrideReservedClientInfoInParent(constClientInfo&aClientInfo){// This should only be called to handle redirects in the parent process.MOZ_ASSERT(XRE_GetProcessType()==GeckoProcessType_Default);mInitialClientInfo.reset();mReservedClientInfo.reset();mReservedClientInfo.emplace(aClientInfo);}constMaybe<ClientInfo>&LoadInfo::GetReservedClientInfo(){returnmReservedClientInfo;}voidLoadInfo::SetInitialClientInfo(constClientInfo&aClientInfo){MOZ_DIAGNOSTIC_ASSERT(!mReservedClientSource);MOZ_DIAGNOSTIC_ASSERT(mReservedClientInfo.isNothing());// Treat assignments of the same value as a no-op. The emplace below// will normally assert when overwriting an existing value.if(mInitialClientInfo.isSome()&&mInitialClientInfo.ref()==aClientInfo){return;}mInitialClientInfo.emplace(aClientInfo);}constMaybe<ClientInfo>&LoadInfo::GetInitialClientInfo(){returnmInitialClientInfo;}voidLoadInfo::SetController(constServiceWorkerDescriptor&aServiceWorker){mController.emplace(aServiceWorker);}voidLoadInfo::ClearController(){mController.reset();}constMaybe<ServiceWorkerDescriptor>&LoadInfo::GetController(){returnmController;}voidLoadInfo::SetPerformanceStorage(PerformanceStorage*aPerformanceStorage){mPerformanceStorage=aPerformanceStorage;}PerformanceStorage*LoadInfo::GetPerformanceStorage(){returnmPerformanceStorage;}NS_IMETHODIMPLoadInfo::GetCspEventListener(nsICSPEventListener**aCSPEventListener){NS_IF_ADDREF(*aCSPEventListener=mCSPEventListener);returnNS_OK;}NS_IMETHODIMPLoadInfo::SetCspEventListener(nsICSPEventListener*aCSPEventListener){mCSPEventListener=aCSPEventListener;returnNS_OK;}}// namespace net}// namespace mozilla